Dina is available at VulnHub. This machine is for beginners. It requires some good enumeration and out-of-the-box thinking skills to root this box. This machine has a vulnerability that was discovered by its author. This machine is compatible only with VirtualBox.

In this walkthrough, I’ll be using Parrot Security OS but you can use Kali Linux or any other distro you want.

So, import the machine into VirtualBox and start it. Use netdiscover to determine the IP address of Dina.

sudo netdiscover -r 192.168.8.1/24

Add this IP to the “/etc/hosts” file so you won’t have to remember the IP address.

sudo nano /etc/hosts

Now run a full port Nmap scan.

nmap -p- dina.local

There’s only a web server running on port 80.

The source code of this default web page has no flags or anything useful. So, we check the “robots” file. It has the following disallowed entries.

All these entries are empty except “/nothing”.

We’ve found some credentials in the source code of the web page, but they don’t help on their own. Now, we’ll run dirb to find out whether the website has any hidden directories.

dirb http://dina.local

Dirb has found a new directory, “/secure”, which contains a “backup.zip” file. After downloading it, I found that the archive is password-protected. Let’s crack it using John the Ripper. The wordlist we’ll use is the password list we saw in the source code of “/nothing”.

And here we have our low-privileged Meterpreter shell. Now it’s time for further post-exploitation to get root. When we check which commands can be run as root, Perl turns out to be one of them. I’ll be using a simpler method to get a root reverse shell from Dina to my local machine: just start a Netcat listener on the attacker machine.

sudo nc -nlvp 1234

I’ll be using the Perl reverse shell from Pentestmonkey to get a reverse shell back to my local machine. Run the script with sudo:
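The root cause of the privilege escalation above is a sudo rule that lets an interpreter run as root. The following Python script is an added example, not code from the original walkthrough: it parses sudoers-style user specifications and flags rules that hand root to a shell-capable program such as Perl, so an administrator can catch this misconfiguration during a review. The sample rules and the SHELL_CAPABLE list are constructed for the demo, not taken from the Dina VM.

```python
import re
# Programs that run arbitrary commands once started as root (constructed list, not exhaustive).
SHELL_CAPABLE = {"perl", "python", "python3", "ruby", "bash", "sh", "vi", "vim", "less", "find", "awk", "env"}
# Matches a user specification:  user  host=(runas) [TAG:] command[, command...]
RULE_RE = re.compile(r"^(?P<who>\S+)\s+(?P<host>\S+)\s*=\s*(?:\((?P<runas>[^)]*)\))?\s*"
                     r"(?P<tags>(?:\w+:\s*)*)(?P<cmds>.+)$")

def parse_sudoers(text):
    # One dict per user specification; comments, Defaults and alias lines are skipped.
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("Defaults") or "_Alias" in line:
            continue
        m = RULE_RE.match(line)
        if not m:
            continue
        runas = (m.group("runas") or "root").split(":")[0].strip() or "root"
        tags = {t.rstrip(":") for t in m.group("tags").split()}
        rules.append({"who": m.group("who"), "runas": runas, "nopasswd": "NOPASSWD" in tags,
                      "cmds": [c.strip() for c in m.group("cmds").split(",") if c.strip()]})
    return rules

def audit(text):
    # Flag rules that hand root (or ALL) to a shell-capable program, or to every command.
    findings = []
    for rule in parse_sudoers(text):
        if rule["who"] == "root" or rule["runas"] not in ("root", "ALL"):
            continue
        for cmd in rule["cmds"]:
            name = cmd.split()[0].rsplit("/", 1)[-1]
            if cmd == "ALL":
                reason = "unrestricted root access"
            elif name in SHELL_CAPABLE:
                reason = f"{name} can spawn a root shell"
            else:
                continue
            findings.append({"who": rule["who"], "cmd": cmd, "nopasswd": rule["nopasswd"], "reason": reason})
    return findings
# Constructed sample for the demo; not the real sudoers from the Dina VM.
SAMPLE_SUDOERS = """\
root    ALL=(ALL:ALL) ALL
%admin  ALL=(ALL) ALL
webuser ALL=(ALL) NOPASSWD: /usr/bin/perl
deploy  ALL=(www-data) /usr/bin/perl
"""
if __name__ == "__main__":
    for f in audit(SAMPLE_SUDOERS):
        print(f'{f["who"]}: {"NOPASSWD " if f["nopasswd"] else ""}{f["cmd"]} -> {f["reason"]}')
```

The fix for a flagged rule is to drop it, or to restrict it to a specific non-interactive command with fixed arguments rather than an interpreter.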

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]
